SECURE INSIGHTS

Recent Malware Attacks on Restaurants Use Stealthier Techniques

Security file scanners have improved so much that malware creators are moving away from the usual way of installing malware on a victim’s computer. The newer technique uses fileless malware: code that is written directly to RAM and resides in computer memory. It hides in hard-to-find locations where it goes effectively undetected by antivirus products. Besides being more difficult to detect, it is also harder to remove than common malware.

New Threats

Recently, one of these attacks has been targeting restaurants here in the U.S. The malware was delivered via Word documents attached to phishing emails. The emails were tailored to specific people and contained supposed menu documents. Once a document was downloaded, the hackers’ aim was to trick the recipient into exiting Word’s default Protected View. Once the recipient double-clicks to unlock the document, a chain of events occurs that eventually moves the malicious code into the computer’s memory.

Usually, a normal malware attack would be detected by an AV program as soon as it is written to the hard drive. In this case, after the file started the infection, the payload existed only in the computer’s memory, not on the hard drive, so the file was allowed to run amok.

A Fileless Future?

Top researchers have found that an increasing number of malware authors are adopting these techniques, and that number is expected to rise. The surge of fileless malware poses a serious problem for those who are unfamiliar with this type of infection. To combat this sneakier threat, you’ll have to go beyond the normal file-based detection method and consider using a behavior monitoring technique.
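
As an added illustration of behavior monitoring (example code written for this page, not taken from the incident or from any product), the check below ignores files on disk and instead looks at process lineage: it flags a script interpreter whose ancestor is Word. The event fields, host names, sample events and the list of interpreters are assumptions constructed for the example.

```python
import ntpath

# Assumed lists (not from the article): Office parent and script-capable children.
OFFICE_PARENTS = {"winword.exe"}
SCRIPT_HOSTS = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

def _ev(host, pid, ppid, image):
    return {"host": host, "pid": pid, "ppid": ppid, "image": image}

# Constructed process-creation events (hypothetical field names and hosts).
SAMPLE_EVENTS = [
    _ev("pos-01", 880, 700, r"C:\Windows\explorer.exe"),
    _ev("pos-01", 4100, 880, r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"),
    _ev("pos-01", 4200, 4100, r"C:\Windows\System32\cmd.exe"),
    _ev("pos-01", 4300, 4200, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
    _ev("pos-01", 5000, 880, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
    _ev("office-02", 4100, 900, r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"),
    _ev("office-02", 4150, 4100, r"C:\Windows\splwow64.exe"),
]

def name(event):
    """Lower-cased executable name from a Windows path (works on any OS)."""
    return ntpath.basename(event["image"]).lower()

def find_office_spawned_interpreters(events, max_depth=4):
    """Flag script hosts that have Word as an ancestor within max_depth hops."""
    # Simplification: keyed by (host, pid); real telemetry needs a unique
    # process ID or timestamps because PIDs are reused.
    by_pid = {(e["host"], e["pid"]): e for e in events}
    alerts = []
    for e in events:
        if name(e) not in SCRIPT_HOSTS:
            continue
        chain, cur, seen = [name(e)], e, set()
        for _ in range(max_depth):
            key = (cur["host"], cur["ppid"])
            parent = by_pid.get(key)
            if parent is None or key in seen:  # parent not logged, or a PID loop
                break
            seen.add(key)
            chain.append(name(parent))
            if name(parent) in OFFICE_PARENTS:
                alerts.append({"host": e["host"], "pid": e["pid"], "chain": " <- ".join(chain)})
                break
            cur = parent
    return alerts

if __name__ == "__main__":
    for alert in find_office_spawned_interpreters(SAMPLE_EVENTS):
        print(alert)
```

The PowerShell started from explorer.exe and the print helper started by Word are not flagged; only the interpreters descending from Word are.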

Specialized Security Services

Regardless of the size of your business, you need to make sure you are staying one step ahead of modern security threats to protect your data. Specialized Security Services is here to help. We offer a complete set of cybersecurity services, including critical vulnerability testing, penetration testing, risk assessment and more. To find out more, please visit our homepage.